Working in Web3 and Fighting Muay Thai are my favourite things in the world. Heading back to Thailand shortly (exact destination TBA), if your around let's go kick things together. 😁

I'm now staying at a hostel, and I met some Web3 developer here who tells me: "The best place to start with mastering solidity is within the docs, YT videos are trash. In 1 month you can reach a decent level." I'm not coming in completely blind, so let's see 👀 more to come...

GM, I've given myself a few extra days to recharge and recalibrate... Moving to a new area of Bangkok today and locking in to up-skill mind and body.🔒🧑‍🔬

From Monday, I'm going to be mainly focussed on developing skills for audit contests and bug bounties. After speaking with many researchers in the field, it offers flexibility and reward like no other, as long as you strategize well. I'll be posting updates of the journey

Web2 Security🤝Web3 Security

Feedback like this from clients is one of the reasons that makes working at Sherlock so worthwhile.

To find a niche in your career can be a long road, but is something you can only learn with time & experience. Having worked in IT/SaaS sales and traditional cyber security consultancy, this path has led me to Web3 Security, and I can't see that changing.

This.

We are happy to announce that the audit for @HydrexFi is complete! Hydrex is a MetaDEX purpose-built for Base, bringing frictionless & innovative Liquidity Infrastructure to the ecosystem.

The attack vector in this issue utilizes asynchronous state on different chains. Something to always keep in mind when auditing crosschain Defi.

10 small steps are a leap

Welcome back to Sherlock's Vulnerability Spotlight, where we highlight an impactful vulnerability uncovered during a Sherlock audit. This week, we have a Cross-Chain Liquidation Lockout. It was uncovered by @jokrsec, @kirkeelee, @waydou9, @zeroisabot, @0xh2134, @Oxelmiguel12,

GM happy Monday all. Another week helping protocols dodge smart contract vulnerabilities 💨

This is everything that's wrong with Crypto in its current state. It shouldn't be sifting through the 🐂💩 in order to get to real utility. It should be the other way around... Every day working in the industry is a step in the right direction.

Can't wait for this, one for those nights where you want to feel extra productive in between auditing✍️

Welcome back to Sherlock's Vulnerability Spotlight, where we highlight an impactful vulnerability uncovered during a Sherlock audit. This week, we have an Unvalidated Cross-Chain token swap. It was uncovered by @0xekkoo, @0xapple_, @elolpuer, @x0sauce, @patitonar, @sepyke,

They don't teach this 🔥 in school. Yet... Regardless, I'll never stop learning until the day I die 🎲🌱

Lack of input validation is one of the top 10 vulnerabilities found in smart contracts. Happy to have helped uncover this one in the @BreederDodo @sherlockdefi contest

GM Web3 Security. Is GPT5 still god awful at discovering smart contract vulnerabilities? Surely they will just be mad duplicated anyway, right?

One of the biggest challenges we face is bridging the gap between Web2 and Web3 security. Both are linked much more than people realize. If someone exfiltrates your data which contains keys to your whitelisted admin wallet, or you install a malicious coding extension, or you

Auditors, set your alarms for the @neutrl_labs audit contest starting next Monday, August 18th! With up to $100,000 in rewards, this is not a contest you'll want to miss.